12 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-22464
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ViewVC is a browser interface for CVS and Subversion version control repositories. Versions prior to 1.2.3 and 1.1.30 are vulnerable to cross-site scripting. Th...
Mageia: Security Advisory (MGASA-2023-0019)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated viewvc packages fix security vulnerability
ViewVC is vulnerable to cross-site scripting. The impact of these vulnerabilities is mitigated by the need for an attacker to have commit privileges to a Subversion repository exposed by an otherwise trusted ViewVC instance. The attack vector involves files with unsafe names names that, when...
Debian: Security Advisory (DLA-3266-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3266-1] viewvc security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3266-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb January 11, 2023 https://wiki.debian.org/LTS -...
CVE-2023-22464
creationtimestamp| type| source ---|---|--- 2023-01-04 18:18:10+00:00| seen| https://t.me/cibsecurity/55891 2025-03-10 21:39:14+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7062...
CVE-2023-22464
ViewVC is a browser interface for CVS and Subversion version control repositories. Versions prior to 1.2.3 and 1.1.30 are vulnerable to cross-site scripting. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a Subversion repository exposed by a...
CVE-2023-22464
ViewVC is a browser interface for CVS and Subversion version control repositories. Versions prior to 1.2.3 and 1.1.30 are vulnerable to cross-site scripting. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a Subversion repository exposed by a...
CVE-2023-22464 ViewVC XSS vulnerability in revision view changed path "copyfrom" locations
ViewVC is a browser interface for CVS and Subversion version control repositories. Versions prior to 1.2.3 and 1.1.30 are vulnerable to cross-site scripting. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a Subversion repository exposed by a...
CVE-2023-22464
CVE-2023-22464 affects ViewVC (CVS/Subversion browser) prior to 1.2.3 (1.2.x) and 1.1.30 (1.1.x). The root cause is cross-site scripting via files with unsafe names that, when embedded in HTML, could execute code; impact is mitigated by requiring the attacker to have commit privileges to a Subver...
CVE-2023-22464 ViewVC XSS vulnerability in revision view changed path "copyfrom" locations
ViewVC is a browser interface for CVS and Subversion version control repositories. Versions prior to 1.2.3 and 1.1.30 are vulnerable to cross-site scripting. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a Subversion repository exposed by a...
devel/viewvc-devel is vulnerable to cross-site scripting
C. Michael Pilato reports: security fix: escape revision view copy paths 311 CVE-2023-22464 security fix: escape revision view changed paths 311 CVE-2023-22456...